from the carbon-paper?--seriously? dept

When you write regularly about lawsuits, you learn very quickly that not all court systems are equal when it comes to allowing modern access to public filings and records. The country is a veritable panoply of an access spectrum, with some districts offering modern e-filing systems and websites to review documents, while other districts are far more antiquated and restrictive. That said, it's hard to imagine a county court system more backwards than that of Chicago's Cook County.

Every workday, attorneys enter criminal courtrooms across Cook County, put away their smartphones and operate in a world that their grandparents would have recognized: accordion-style Manila folders to hold paper documents, handwritten orders for judges to sign, even carbon paper to make copies of the paper filings.

“God help us all if the carbon didn’t take,” said defense attorney Alana De Leon, who had never used the outdated copying method — invented more than two centuries ago — before setting foot in a West Side branch court a few years ago.

While the Tribune article notes that these antiquated techniques result in derisive jokes from the attorneys forced to use them, the reality is that they are no laughing matter. The article tells the story of a woman looking for filing information for her boyfriend's criminal court case and was forced to travel 14 miles just to find out what charges her boyfriend was facing. And this sort of thing isn't reserved for the lay public. Criminal defense attorneys must also make a similar trek just to find out the basic case information for any clients they may take on in Cook County as well. In the surrounding counties, this information would be available via e-filings via an internet connection. In Cook County, home to the third largest city in the union, its all physical filings and carbon copies.

Circuit Court Clerk Dorothy Brown, in charge of this love letter to the days of robber barons, does not want to hear you blame her for any of this, however.

Circuit Court Clerk Dorothy Brown bristled at the suggestion that her office has been slow to adapt to the internet age, telling the Tribune in an hourlong interview last week that a complete overhaul of the criminal case management system is expected to be completed by March 2019. Brown spoke of an “interactive” system in which much of the work performed by attorneys and judges in the courtrooms could be done electronically. Brown said her ultimate goal is to end the reliance on ink and paper.

Dorothy Brown, Chicago’s elected court clerk, filed her appeal notice this week, challenging a ruling in early January by U.S. District Judge William Kennelly. The judge found the First Amendment prohibits the clerk from withholding new efiled complaints, a regular source of news, from the press corps. He gave the clerk 30 days to provide access.

She made no move to comply and continues to argue that she must first screen the filings for confidentiality. In his 16-page opinion, Kennelly found that argument belied by a number of effective alternatives available to the clerk.

It's moves like that which create the impression that the lack of transparency that comes along with Cook County's laughably anachronistic records systems is a feature rather than a bug. Cook County has long been a place where county and city officials have played a game of subterfuge with the press and the public, hiding legal machinations as well as actions taken by the city, such as million dollar payouts to the families of victims of police shootings. Making the court system as opaque as possible for as long as possible seems to be the goal.

Brown, of course, insists otherwise and blames the state Supreme Court and Chief Judge Timothy Evans for Cook County's woes.

Brown said her hands have been tied by the Illinois Supreme Court dragging its feet in allowing e-filing statewide in criminal cases for the first time just last year. She also blamed Chief Judge Timothy Evans’ office for blocking her from making basic docket information available online for criminal cases.

In an email, however, Evans’ spokesman, Pat Milhizer, denied Brown’s claim, saying his office would consider any such proposal from the circuit clerk.

Many will say this all smells of classic Chicago machine politics. And, in many respects, it certainly comes off that way. The suburban counties all have modern e-filing systems in place, after all, including several rural counties that don't have nearly the breadth of resources afforded to Cook County. What should be kept top of mind, however, is the tax all of this puts on the public and its interest in justice in the county. Going back to defense attorney De Leon and the use of technology as outdated as carbon copy:

“To a certain extent ... the lack of transparency kind of is the ugly product of the old system,” De Leon said. “I don’t know if it’s necessarily on purpose — to keep this information away from the average citizen — but it certainly is a consequence of that.”

And no amount of CYA or finger-pointing should distract anyone from the obvious reality that the public is not being well-served by the Cook County court filing system.

from the time-to-dial-back-the-apocalyptic-narrative dept

Another paper has been released, adding to the current encryption discussion. The FBI and DOJ want access to the contents of locked devices. They call encryption that can be bypassed by law enforcement "responsible encryption." It isn't. A recent paper by cryptograpghy expert Riana Pfefferkorn explained in detail how irresponsible these suggestions for broken or weakened encryption are.

This new paper [PDF] was put together by the National Academies of Science, Engineering, and Medicine. (h/t Lawfare) It covers a lot of ground others have and rehashes the history of encryption, along with many of the pro/con arguments. That said, it's still worth reading. It raises some good questions and spends a great deal of time discussing the multitude of options law enforcement has available, but which are ignored by FBI officials when discussing the backdoors/key escrow/weakened encryption they'd rather have.

The paper points out law enforcement now has access to much more potential evidence than it's ever had. But that might not always be a good thing.

The widespread use of cloud storage means that law enforcement has another potential source of evidence to turn to when they do not have access to the data on devices, either because the device is unavailable or the data on the device is encrypted. Not all of this digital information will be useful, however. Because storage is cheap or even free, people keep all sorts of non-noteworthy electronic documents forever.

What's unsaid here is law enforcement should be careful what it wishes for. Encryption that allows government on-demand access may drown it in useless data and documents. If time is of the essence in cases where law enforcement is seeking to prevent further criminal activity, having a golden key may not move things along any faster. I'm sure the FBI and others would prefer access all the same, but this does point to a potential negative side effect of cheap storage and endless data generation.

And the more access law enforcement has, the more chances there are for something to go horribly wrong on the provider's end.

How frequently might vendors be asked to unlock phones? It is difficult to predict the volume of requests to vendors, but a figure in the tens of thousands per year seems reasonable, given the number of criminal wiretaps per year in the United States and the number of inaccessible devices reported by just the FBI and Manhattan District Attorney’s Office. As a result, each vendor, depending on its market share, needs to be able to handle thousands to tens of thousands of domestic requests per year.

Such a change in scale, as compared to the software update process, would necessitate a change in process and may require a larger number of people authorized to release an unlock code than are authorized to release a software update, which would increase the insider risk.

The paper also runs down stats provided by the FBI and the Manhattan DA's office. It notes the overall number of unlockable phones has continued to rise but points out these numbers aren't all that meaningful without context.

In November 11, 2016, testimony to this committee, then-Federal Bureau of Investigation (FBI) General Counsel James Baker reported that for fiscal year 2016, the FBI had encountered passcodes on 2,095 of the 6,814 mobile devices examined by its forensic laboratories. They were able to break into 1,210 of the locked phones, leaving 885 that could not be accessed. The information Baker presented did not address the nature of the crimes involves nor whether the crimes were solved using other techniques.

[...]

Although existing data clearly show that encryption is being encountered with increasing frequency, the figures above do not give a clear picture of how frequently an inability to access information seriously hinders investigations and prosecutions.

It goes on to note that we may never see this contextual information. Any attempt to collect this data would be hindered by law enforcement's reluctance to provide it, and there are currently no visible efforts being made by agencies to determine just how often encryption stymies investigations. Whatever would actually be reported would be tainted by subjective assessments of encryption's role in the investigation. However, without more context, the endless parade of locked device figures is nothing more than showmanship in service to the greater goal of undermining encryption.

The paper helpfully lists several options law enforcement can pursue, including approaching cloud services for content stored outside of locked devices. It also points out the uncomfortable fact that law enforcement doesn't appear to be making use of tools it's always had available. One of these options is compelled production of passwords or biometric data to unlock phones. While the Fifth Amendment implications of compelled password production are still under debate, it's pretty clear fingerprints or retinas aren't going to receive as much Constitutional protection.

On top of that, there's the fact that a number of device owners have already voluntarily provided copies of encryption keys, and these can likely be accessed by law enforcement using a standard warrant or an All Writs Act order.

[M]any storage encryption products today offer key escrow-like features to avoid data loss or support business record management requirements. For example, Apple’s full disk encryption for the Mac gives the user the option to, in effect, escrow the encryption key. Microsoft Windows’ BitLocker feature escrows the key by default but allows users to request that the escrowed key be deleted. Some point to the existence of such products as evidence that key recovery for stored data can be implemented in a way that sensibly balances risks and benefits at least in certain contexts and against certain threats. In any case, data that is recoverable by a vendor without the user’s passcode can be recovered by the vendor for law enforcement as well. Key escrow-type systems are especially prevalent and useful where the user, or some other authorized person such as the employer, needs access to stored data.

The report also claims law enforcement "had not kept pace" with the increase of digital evidence. It posits the problem is a lack of funding and training. Training is almost certainly a problem, but very few law enforcement agencies -- especially those at the federal level -- suffer for funding or expertise. This might be due to bad assumptions, where officials believed they would always have full access to device contents (minus occasional end user initiative on encryption). When it became clear they wouldn't, they began to seek solutions to the problems. This put them a few steps behind. Then there are those, like Manhattan DA Cy Vance and FBI Director Chris Wray, who are putting law enforcement even further behind by pushing for legislation rather than focusing their efforts on keeping officers and agents well-supplied and well-trained.

While the report does suggest vendors and law enforcement work together to solve this access "problem," the suggestions place the burden on vendors. One suggested fix is one-way information sharing where vendors make law enforcement aware of unpatched exploits, allowing the government (and anyone else who discovers it) to use these vulnerabilities to gain access to communications and data. It's a horrible suggestion -- one that puts vendors in the liability line of fire and encourages continued weakening of device and software security.

The report also points out the calls for harder nerding have been at least partially answered. The proposed solutions aren't great. In fact, one of them (running lawful access keys and software update keys through the same pipeline) is terrible. But it's not as though no one on the tech side is trying to come up with a solution.

Several individuals with backgrounds in security and systems have begun to explore possible technical mechanisms to provide government exceptional access. Three individuals presented their ideas to the committee.

• Ernie Brickell, former chief security architect, Intel Corporation, described ways that protected partitions, a security feature provided by future microprocessor architectures, could be used to provide law enforcement access to devices in their physical possession, provide remote access by law enforcement, or provide key escrowed cryptography for use by applications and nonescrowed cryptography for a set of “allowed” applications.

• Ray Ozzie, former chief technical officer and former chief software architect, Microsoft Corporation, argued that if a user trusts a vendor to update software, the user should be able to trust the vendor to manage keys that can provide exceptional access. He proposed that this extension of the trust model used for software updates could be used to provide government exceptional access to unlock mobile devices. Ozzie also provided the committee with materials describing how this approach could be extended to real-time communications such as messaging.

• Stefan Savage, professor of computer science and engineering, University of California, San Diego, described how phone unlock keys could be stored in hardware and made available via an internal hardware interface together with a “proof-of-effort” lock that together would require physical possession and a time delay before law enforcement could unlock a device.

The report points out these are only suggestions and have yet to be rigorously examined by security professionals. But their existence belies the narrative pushed by the FBI in its search for a federal statutory mandate. There are experts trying to help. Unfortunately, every solution proposed is going to require a sacrifice in device security.

The problem is complex, if you choose to believe it's a problem. It may be troublesome that law enforcement can't have access to device contents as easily as they could five years ago, but it's not the threat to public safety anti-encryption enthusiasts like Chris Wray and Cy Vance make it out to be. Encryption use has gone up while crime rates have remained steady or decreased. The emphasis on cellphones as the ultimate investigative goldmine is misplaced. Plenty of options remain and law enforcement spent years solving crimes without having one-stop access to communications and personal documents. An ancient discovery known as "fire" has put evidence out of reach for hundreds of years, but no one's asking the smart guys at Big Match to come up with a solution. Things are harder but they're not impossible. What is impossible is what Wray and others are asking for: secure compromised encryption.

The facts in this case are basically this: the owner of a run-down, formerly industrial building in a run-down neighborhood aspired to do something to redevelop his property, but it would be a few years before the time would be right. So in the meantime he let some graffiti artists use the building for their aerosol paintings. The building became known as 5Pointz, and the artwork on it soon began to attract attention. The neighborhood also began to change, and with the improvement the prospects for redeveloping the property into residences became more promising. From the outset everyone knew that redevelopment would happen eventually, and that it would put an end to the arrangement since the redevelopment would likely necessitate tearing down the building, and with it the art on the walls. As the date of demolition grew closer, the artists considered buying the building from the owner in order to prevent it from being torn down and thus preserve the art. However the owner had received a variance that suddenly made the value of the property skyrocket from $40 million to $200 million, which made the buyout impossible. So the artists instead sued to halt the destruction of their art and asked for a preliminary injunction, which would ensure that nothing happened to the art while the case was litigated. But in late 2013 the court denied the preliminary injunction, and so a few days later the building owner went ahead and painted over the walls. The painting-over didn't end the litigation, which then became focused on whether this painting-over broke the law. In 2017 the court issued a ruling allowing the case to proceed to trial on this question. Then last week came the results of that trial, with the court finding this painting-over a "willfully" "infringing" act and assessing a $6.7 million damages award against the owner for it.

It may be tempting to cheer the news that an apparently wealthy man has been ordered to pay $6.7 million to poorer artists for damaging their art. True -- the building owner, with his valuable property, seems to be someone who potentially could afford to share some of that wealth with artists who are presumably of lesser means. But we can't assume that a defendant building owner, who wants to be able to do with his property what he is normally legally allowed to do, will always be the one with all the money, and the plaintiff artist will always be the one without those resources. The law applies to all cases, no matter which party is richer, and the judicial reasoning at play in this case could just as easily apply if Banksy happened to paint the side of your house and you no longer wanted what he had painted to remain there. Per this decision, removing it could turn into an expensive proposition.

The decision presents several interrelated reasons for concern. Some arise from the law underpinning it, the Visual Artists Rights Act of 1990, an amendment to copyright law that, as described below, turned the logic of copyright law on its head. But there are also some alarming things about this particular decision, especially surrounding the application of high statutory damages for what the court deemed "willful" "infringement," that accentuate everything that's wrong with VARA and present issues of its own.

With respect to the law itself, prior to VARA the point of copyright law (at least in the US) was to make sure that the most works could be created to best promote the progress of the sciences and useful arts (as the Constitution prescribed). The copyright statute did this by giving creators economic rights, or rights designed to ensure that if there was money to be made from their works, they would have first crack at making it. The thinking was that with this economic incentive, creators would create more works, and thus the public interest goal of having more works created would be realized.

VARA changed this statutory equation for certain kinds of visual works. Instead of economic rights, it gave their creators certain moral rights, including (as relevant for this case), the right to preserve the integrity of their work. This right of integrity includes the right

(A) to prevent any intentional destruction, mutilation, or other
modification of that work which would be prejudicial to his or her honor
or reputation, and any intentional distortion, mutilation, or modification
of that work is a violation of that right, and
(B) to prevent any destruction of a work of recognized stature, and any
intentional or grossly negligent destruction of that work is a violation of
that right.

Which may sound well and good, but as we see with the costly way the statute plays out, rather than creating economic incentives stimulating the creation of new works, it has now created economic effects inhibiting them, which in the long run will only hurt the artists VARA was intended to help.

The most obvious way it hurts them is by deterring property owners from allowing any art to be installed on their property, because it means that if they do, they may be forever stuck with it. Allowing art to be installed means they will either stand to lose the control they would have had without it (itself a hit to the property's worth), or potentially be faced with thousands if not millions of dollars in liability if they do what they want with their property anyway. And what property owner would want to chance such dire consequences in order to encourage art?

Granted, some of this risk can be ameliorated with written agreements, which were lacking in this case. But if all public art requires lawyered paperwork, it raises costs and will deter both artist and property owner from pursuing this sort of mutually beneficial arrangement. In this case the property owner had let the artists use his building to create, for free, by unwritten agreement simply because at the time they all agreed that it was good for both of them. It will not be good for creativity if we discourage this sort of symbiotic relationship from taking root.

It also will not be good for future artists whose economic interests might have benefited from other such opportunities like those 5Pointz offered. Even in this case the court noted all the evidence presented in "Folios", showing that being able to paint the building had opened up all sorts of doors for the artists to reap further economic rewards for their art. Artists will have fewer opportunities for that sort of career-enhancing exposure if landlords are deterred from giving it to them.

There is an implicit argument present in the plaintiffs' case that some of the rise in the value of the building was due to the artwork, and that it would therefore be just to share some of that windfall with them. But by this same logic, the building owner would have been similarly responsible for, and thus entitled to a portion of, the rise in value of the work of the artists whom he had allowed to exhibit. It would not be good for artists in the long run if they should find themselves needing to share their good fortune with their benefactors – or be potentially liable for any loss in their property value, should the presence of their work diminish it.

This case also stands to have some directly chilling effects on artists. While this case is not about graffiti artists suing each other for painting over each other's works (as the court noted, up to now graffiti artists have routinely painted over each others' works without any more severe penalty than social approbation, if even that), it's not clear why, if the decision stands, the next case couldn't be. The decision found that a VARA claim could be vindicated regardless of whether a work was temporary or permanent, and instead focused on whether a work had achieved the stature needed to be entitled to protection under the statute. It won't be good for artists if they have to fear being tied up in litigation with their peers due to the transient nature of their medium (or locked out of being able to create at all because others have already used all the good spaces first), or caught in a judicial cage match to determine whose work has the stature to be more deserving of protection.

It is possible that the court erred, and transient art falls outside VARA's purview. But there is enough ambiguity in the statute to potentially extend to it, and in any case, the statute's deterring effects would apply to all sorts of art, not just aerosol-painted art. Unfortunately at no point does the decision contemplate these effects, or its effects on other important policy values such as urban planning and affordable housing, if VARA is able to trump other forms of law, such as property law, that normally speak to what a building owner may do. The decision also largely ignores that the building owner had let the artists paint there in the first place, when he didn't have to. And it ignores that the building owner had done this apparently now wrongful painting-over of the art on his walls after this very same court denied an injunction that would have told him not to. None of these factors mattered to the court.

But all of them should matter to us, as should the extremely troubling way the court found his "infringement" (in other words, the painting-over) "willful," and thus subject to heightened damages. This is where the decision not only encapsulates the policy flaws of VARA, but also threatens to be seriously distorting to copyright doctrine (and other law) generally.

One troubling aspect is the punitive attitude by the court towards the building owner for having painted over the art after the very same court had denied an injunction preventing it. In between its order of November 12, 2013 denying the preliminary injunction, and its November 20, 2013 decision explaining its order (embedded below), the building owner had gone ahead and done the painting-over. This act appears to have outraged the court, whose November 20 decision reads more as an explanation for why it probably should have issued the injunction, now that in the intervening time the owner had painted over it.

As the court correctly observed in this 2013 opinion, preliminary injunctions exist so that courts can prevent irreparable harm at the outset that a court is likely to later rule needs to be prevented, if it would be too late to unring the bell at that point. In fact the language the court cited for the injunction is so standard that when the naked order denying the preliminary injunction was issued, it was perfectly reasonable for the building owner to presume that either (a) he was likely to win the case and be able to do what he wanted to the building, or (b) it wasn't such a severe harm if he removed the art now and later the court decided he shouldn't have, or (c) some combination of both. So it reads as a serious miscarriage of justice for the court's 2018 decision to punish him for going ahead and removing the art, or "recklessly disregard[ing] the possibility" that removing it would be wrongful, as the court put it.

Furthermore, if the court is right in its 2018 decision that the painting-over raised a valid VARA claim, then it was wrong to deny the injunction in 2013. Problematic though it is for VARA to introduce non-economic rights into copyright law, the whole point of one of them – the right to maintain the integrity of the work – can only be vindicated with an injunction. If this right were something that could be adequately compensated for by monetary damages, then it would start to look a lot more like an economic right. That's not what VARA was ever intended to create, but it is what the court effectively created back in 2013 when it refused the injunction and deemed monetary damages sufficient to address any harm should the VARA claim later prevail.

As it wrote in a confused passage in its 2013 decision:

Although the works have now been destroyed—and the Court wished it had the power to preserve them—plaintiffs would be hard-pressed to contend that no amount of money would compensate them for their paintings; and VARA—which makes no distinction between temporary and permanent works of visual art—provides that significant monetary damages may be awarded for their wrongful destruction. See 17 U.S.C. §§ 501-505 (providing remedies for VARA violations). In any event, paintings generally are meant to be sold. Their value is invariably reflected in the money they command in the marketplace. Here, the works were painted for free, but surely the plaintiffs would gladly have accepted money from the defendants to acquire their works, albeit on a wall rather than on a canvas.

It continued more bizarrely:

Moreover, plaintiffs’ works can live on in other media. The 24 works have been photographed, and the court, during the hearing, exhorted the plaintiffs to photograph all those which they might wish to preserve. All would be protected under traditional copyright law, see 17 U.S.C. § 106 (giving, inter alia, copyright owners of visual works of art the exclusive rights to reproduce their works, to prepare derivative works, and to sell and publicly display the works), and could be marketed to the general public—even to those who had never been to 5Pointz.

In the court's defense, it is correct that VARA does allow for infringements of moral rights to be compensated by monetary damages. But it shouldn't be the primary form of relief, and the court's punitive use of the highest amount of statutory damages to compensate the artists exemplifies why. Statutory damages are normally for when it is hard to measure economic loss and so we have to instead make some presumptions about how much compensation that loss deserves. There are already plenty of problems with these presumptions tending to allow for the recovery of far more than what actual losses would have been, but this decision magnifies their problematic nature by allowing statutory damages not only to overcompensate economic loss but to overcompensate non-economic loss. In other words, congratulations, we now have "pain and suffering" in copyright cases.

Perhaps in a way we always have – the overuse of statutory damages has always suggested that is really a retributive, rather than truly compensatory, damages measure. In this case, the court is perfectly frank that's what it's doing:

If not for Wolkoff’s insolence, these damages would not have been assessed. If he did not destroy 5Pointz until he received his permits and demolished it 10 months later, the Court would not have found that he had acted willfully. Given the degree of difficulty in proving actual damages, a modest amount of statutory damages would probably have been more in order.

But courts have always maintained the facade that compensation for emotional harm is unavailable in copyright cases. The 5Pointz court even acknowledges this limitation in footnote 18 of its 2018 decision:

Plaintiffs contend that they are entitled to damages for emotional distress. Under traditional copyright law, plaintiffs cannot recover such damages. See Garcia v. Google, Inc., 786 F.3d 733, 745 (9th Cir. 2015) (“[A]uthors cannot seek emotional damages under the Copyright Act, because such damages are unrelated to the value and marketability of their works.”); Kelley v. Universal Music Group, 2016 WL 5720766, at *2 (S.D.N.Y. Sept. 29, 2016) (“Because emotional distress damages are not compensable under the Copyright Act, this claim must also be dismissed.”). Since VARA provides damages under “the same standards that the courts presently use” under traditional copyright law, H.R. Rep. No. 101-514, at 21-22 (1990), emotional damages are not recoverable.

But the outright hostility the court repeatedly shows the defendant, in the language in both decisions, makes it clear that statutory damages are being used to compensate for what is otherwise a purely emotional harm. From the 2018 decision:

The whitewash did not end the conflict in one go; the effects lingered for almost a year. The sloppy, half-hearted nature of the whitewashing left the works easily visible under thin layers of cheap, white paint, reminding the plaintiffs on a daily basis what had happened. The mutilated works were visible by millions of people on the passing 7 train. One plaintiff, Miyakami, said that upon seeing her characters mutilated in that manner, it "felt like [she] was raped." Tr. at 1306:24-25.

There are good reasons why we do not allow copyright to remediate hurt feelings, not the least of which being that they are likely to run raw on both sides. From an article from last year (before the $6.7 million judgment):

Wolkoff feels betrayed by the artists he thought he was helping by lending them his wall to bomb. He cried when the building came down, he confessed, and said he would bring back more street artists to paint at the location after the renovation—just not those who sued.

Notably in its 2017 ruling (also embedded below) allowing the VARA claim to go forward, the court dismissed the artists' claims for intentional infliction of emotional distress, despite the strong emotions the case had engendered.

Because the defendants destroyed 5Pointz only after the Court dissolved its temporary restraining order and did no more than raze what they rightfully owned, the defendants simply did not engage in the kind of outrageous and uncivilized conduct for whose punishment this disfavored tort was designed.

And therein lies the rub: the building owner did no more than what other law clearly allowed. But by allowing artists to bring claims for the "intentional distortion, mutilation, or other modification . . . [of works that] would be prejudicial to [the artist’s] honor or reputation" the court has set up a direct conflict between VARA and what traditional copyright law, and traditional property law, have allowed. And it has done this without addressing any of the implications of this new policy collision.

from the to-paraphrase-Cole-Porter,-'Well,-Can-You-Even!' dept

When a mass shooting occurs, politicians leap into the void with plenty of ideas of how to fix it. They can't -- or won't -- fix it, but they're more than willing to sacrifice other Constitutional amendments to keep the Second Amendment intact. Kentucky Governor Matt Bevins was the first to fill the void with garbage following the latest school shooting by blaming violent video games, despite there being no evidence linking violent acts to violent video games.

Speaking to Florida Attorney General Pam Bondi, Trump said: ‘I’m hearing more and more people seeing the level of violence in video games is really shaping young people’s thoughts ‘

'And then you go the further step, and that’s the movies. You see these movies, and they’re so violent a kid is able to see the movie if sex isn’t involved, but killing is involved, and maybe we need to put a rating system for that.'

It appears Trump is suggesting video games and movies need a rating system. I honestly don't know where to go with this. Video games have had a rating system -- one adopted and enforced voluntarily by developers -- for nearly a quarter-century now. Movies have had ratings for more than 50 years, and that rating system has been revised a couple of times to allow for a more granular breakdown of possibly offensive content.

These are not new ideas. But these are our President's ideas -- ones that carry a faint whiff of impending government censorship. Imposing further restrictions on "violent" media isn't going to solve an ongoing violence problem, but it will allow legislators (and sitting presidents) to pretend they did something useful.

So, if you want an intact Second Amendment, you'd better leave the rest of the rights alone. This is stupid, kneejerk... well, it's definitely not "thinking." This sort of thing suggests no active firing of synapses. Instead, it suggests the primordial survival instincts of a politician who views rights as privileges and is willing to harm those not immediately beneficial to him. Politicians like Trump and Governor Bevins are quick to blame things they don't understand or don't participate in. This allows them to feel like they're taking action without risking anything that's meaningful to them. It's crass, stupid, short-sighted, and ultimately, it's a sign of weakness. It takes no backbone to sacrifice things you don't care about.

from the blowback dept

Well, well. For the past few months I've been meaning to write about Disney's silly lawsuit against Redbox, but other stuff kept coming up, and now a judge has ruled against Disney and said that Disney appears to be engaged in copyright misuse. This is in a case that Disney brought -- and it appears to be backfiring badly. Redbox, as you probably know, has kiosks where you can rent DVDs relatively cheaply. It's managed to stay alive despite the traditional DVD rental business disappearing most everywhere else. About a decade ago, Hollywood fought vigorously against Redbox, but the company survived (though being taken over by a private equity firm in 2016), relying heavily on first sale rights, enabling it to legally purchase DVDs and then rent them out.

Back in December, however, Disney sued Redbox over taking its business to the next level and including download codes that could be purchased at a Redbox kiosk. Though it took them basically forever, Hollywood studios have finally realized that offering online access with the purchase of movies is a good idea, but they only want the end consumer who is buying a DVD to get access to them. So, Redbox would buy the Disney "Combo Packs" that offered the DVD and a download code, and the would offer the paper codes in kiosks to let renters watch the movie online. They weren't just copying the code and letting anyone use it -- it was still a one-to-one limitation with the purchase in that they would buy the DVD with a paper code on it, and then stuff that paper code into their kiosk delivery pods. Disney argued that this was contributory copyright infringement, even though the code pointed to a legitimate/authorized version of the movie and was legitimately purchased.

Redbox hit back by arguing that the First Sale doctrine protected it (as it did with the physical rentals) and that it is free to use the codes in this manner as the legal purchaser. Disney's response to that was that First Sale does not apply to the download code because it's not the copyright-covered work.

But Redbox also hit back with a separate punch against Disney, arguing that it was engaged in copyright misuse, a concept we've discussed in the past, but that rarely shows up in cases these days (even though we've argued it should be used more often). The basic argument was that Disney was over-claiming what copyright allowed it to exclude in order to stamp out competition. And, (somewhat surprisingly), in the process of denying Disney's demand for a preliminary injunction, the court agrees that Disney is engaged in copyright misuse because it is using its copyright in the movies to restrict what happens to purchases.

Combo Pack purchasers cannot access digital
movie content, for which they have already paid, without exceeding
the scope of the license agreement unless they forego their
statutorily-guaranteed right to distribute their physical copies of
that same movie as they see fit. This improper leveraging of
Disney’s copyright in the digital content to restrict secondary
transfers of physical copies directly implicates and conflicts with
public policy enshrined in the Copyright Act, and constitutes
copyright misuse.

Because of this, the court finds that Disney has little chance of prevailing on its contributory copyright infringement claims and denies the injunction request.

The court then notes that it doesn't even need to get into the First Sale issues, but then suggests Redbox would have difficulty winning on a pure first sale argument, mainly because of the ReDigi decision that said you can't sell "used" MP3s. And then concludes that First Sale doesn't really come into play since it's the code that's at issue, rather than the copyright-covered content:

Notwithstanding ReDigi, the plain language of the statutes,
and the important policy considerations described by the Copyright
Office, Redbox urges this court to conclude that Disney’s sale of
a download code is indistinguishable from the sale of a tangible,
physical, particular copy of a copyrighted work that has simply
not yet been delivered. Even assuming that the transfer is a sale
and not a license, and putting aside what Disney’s representations
on the box may suggest about whether or not a “copy” is being
transferred, this court cannot agree that a “particular material
object” can be said to exist, let alone be transferred, prior to
the time that a download code is redeemed and the copyrighted work
is fixed onto the downloader’s physical hard drive. Instead,
Disney appears to have sold something akin to an option to create
a physical copy at some point in the future. Because no
particular, fixed copy of a copyrighted work yet existed at the
time Redbox purchased, or sold, a digital download code, the first
sale doctrine is inapplicable to this case.

There's a separate issue around whether or not Redbox's actions constituted a "breach of contract," and again the court is unimpressed. The key question is whether or not the text that Disney prints on its box about how "codes are not for sale or transfer" represents a contract. The court easily concludes that it does not:

The phrase “Codes are not for sale or transfer” cannot
constitute a shrink wrap contract because, like the box at issue in
Norcia, Disney’s Combo Pack box makes no suggestion that opening
the box constitutes acceptance of any further license restrictions.... Although Disney seeks to
analogize its Combo Pack packaging and language to the packaging
and terms in Lexmark, the comparison is inapt. The thorough boxtop
license language in Lexmark not only provided consumers with
specific notice of the existence of a license and explicitly stated that opening the package would constitute acceptance, but also set
forth the full terms of the agreement, including the nature of the
consideration provided, and described a post-purchase mechanism for
rejecting the license. Here, in contrast, Disney relies solely
upon the phrase “Codes are not for sale or transfer” to carry all
of that weight. Unlike the box-top language in Lexmark, Disney’s
phrase does not identify the existence of a license offer in the
first instance, let alone identify the nature of any consideration,
specify any means of acceptance, or indicate that the consumer’s
decision to open the box will constitute assent. In the absence of
any such indications that an offer was being made, Redbox’s silence
cannot reasonably be interpreted as assent to a restrictive
license.

Of course, this almost certainly means that Disney is quickly reprinting the packaging on all its Combo Pack DVDs to make this language more legalistic to match the Lexmark standard.

Still, the court also notes that Disney makes other claims on the box that are clearly not true, which further undermine the claim that random sentences on the box represent a contract:

Indeed, the presence of other, similarly assertive but
unquestionably non-binding language on the Combo Pack boxes casts
further doubt upon the argument that the phrase “Not For Sale or
Transfer” communicates the terms or existence of a valid offer.
The packaging also states, for example, that “This product . . .
cannot be resold or rented individually.”... This prescription is demonstrably false, at least insofar as
it pertains to the Blu-ray disc and DVD portions of the Combo
Pack.8 The Copyright Act explicitly provides that the owner of a
particular copy “is entitled, without the authority of the
copyright owner, to sell or otherwise dispose of the possession of
that copy.” ... Thus, the clearly unenforceable “cannot be resold
individually” language conveys nothing so much as Disney’s
preference about consumers’ future behavior, rather than the
existence of a binding agreement. At this stage, it appears that
the accompanying “Not For Sale or Transfer” language plays a
similar role.

While it's a bit disappointing to see the court buy into the ReDigi reasoning on First Sale, it's good to see it not buy the language on the box representing a contract and to call out the company for copyright misuse in leveraging copyrights to stifle other lawful activity. This case is likely far from over, though, so we'll see how things progress.

from the good-deals-on-cool-stuff dept

In the CISSP Certification Training Course, overseen by the Information Systems Security Certification Consortium (ISSCC), you'll master the fundamentals of information systems security, and learn the skills you need to pass the CISSP exam. You'll learn the principles of access control, and how they can be strengthened and applied to keep unauthorized users out of a system. The course covers the role of information governance and risk management in security standards, the legal obligations of data security, and much more. It's on sale for $29.

Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.

from the big-massive-mistake dept

Things had been mostly quiet on the SESTA/FOSTA front for the past few weeks, but apparently that's about to change, as the House leadership has agreed to a plan to rush the bill to a full floor vote next week, by creating a terrible Frankenstein of a bill that solves none of the existing concerns people had -- but creates new ones. If you don't recall, there are competing bills in the House (FOSTA) and the Senate (SESTA) which purportedly both attempt to deal with the problem of human traffickers using internet services to enable illegal trafficking. Both bills have serious flaws in how they attack the problem -- with the potential to actually make the problem of trafficking worse while also screwing up how the internet works (especially for smaller internet services) at the same time.

Things had been at a standstill for the past couple months as the House pushed its approach with FOSTA, while the Senate stood by its approach with SESTA. SESTA works by changing Section 230 of the Communications Decency Act to create a huge hole saying that CDA 230 doesn't apply if a site "knowingly facilitates" a violation of sex trafficking laws. If you don't have much experience with how similar laws work on the internet, this might sound reasonable, but in practice it's not. There's a similar "knowledge" standard in copyright law, and we've seen that abused repeatedly to censor all sorts of content over the years. You just need to allege that something violates the law, and a platform seeking to avoid potentially crippling liability is likely to remove that content. As I've noted, if the law passes, almost every internet company will be put at risk, including anyone from small blogs like ours to Wikipedia. The bill's backers seem to think this is a benefit rather than a problem -- which is quite incredible.

Until now, the House had been pushing an alternative proposal, called FOSTA, which tried to achieve similar results without punching a giant hole in CDA 230. Instead, it focused on creating a new crime for those with the intent to promote or facilitate prostitution. The intent standard is a much stronger one than the "knowledge" standard. There were still a couple of problems with FOSTA, though. Rather than focusing on sex trafficking, it covered all prostitution, which is too frequently lumped in with trafficking, and worried many in the community of folks supporting the rights of sex workers. But, a larger issue was that this would still open a huge hole for state and local prosecutors to go on massive fishing expeditions if any sort of prostitution related content ended up on any website. Even if they couldn't show intent, they could still bog down almost any internet platform with charges and investigations for quite some time. I mean, even we get people trying to spam our comments all the time with what appear to be prostitution ads. We catch most of them, but what if a few get through and some law enforcement agency wants to make life difficult for us? Under FOSTA, that's a real possibility. Such laws can be abused.

Still, the approaches were so different that things appeared to mostly be at a standstill. However, as noted above, suddenly things are moving and moving fast... and in the worst possible way. House Leadership apparently decided that rather than convince the Senate to move to a FOSTA approach, they would just bolt SESTA onto FOSTA via an amendment. And then, suddenly the House bill has all the problems of both bills without fixing either.

That amendment was released yesterday and is being introduced by Rep. Mimi Walters of California. Her district includes Irvine, which houses a whole bunch of tech companies who should be absolutely furious that their own representative just made things much more difficult for them. Take, for example, JobzMall, an Irvine-based company for connecting workers and employers. It's not difficult to think of how some might try to abuse that tool for prostitution or trafficking -- and suddenly the site may face a ton of legal fights, fishing expeditions and criminal threats because of this. That seems like a huge, huge problem.

And, importantly, it cannot be stressed enough that nothing in either of these bills does anything at all to actually stop sex trafficking. Supporters of the bill keep insisting it's necessary to stop sex trafficking and that those opposed to the bills are somehow in favor of sex trafficking. That's just wrong. Those opposed to the bill know what happens when you have mis-targeted bills that hold platforms responsible for what users do with them: and it's not that the "bad stuff" goes away. Instead, the bad stuff tends to continue, and lots of perfectly acceptable things get censored.

A recent paper by one of the world's foremost experts on "intermediary liability," Daphne Keller, explains why the bill won't work based on years and years of studying how these kinds of intermediary liability laws work in practice:

SESTA’s confusing language and poor policy choices, combined with platforms’ natural incentive to avoid legal risk, make its likely practical consequences all too clear. It will give platforms reason to err on the side of removing Internet users’ speech in response to any controversy – and in response to false or mistaken allegations, which are often levied against online speech. It will also make platforms that want to weed out bad user generated content think twice, since such efforts could increase their overall legal exposure.

And, again, NONE of that does anything to actually go after sex traffickers.

As Keller notes in her paper:

SESTA would fall short on both of intermediary liability law’s core goals: getting illegal content down from the Internet, and keeping legal speech up. It may not survive the inevitable First Amendment challenge if it becomes law. That’s a shame. Preventing online sex trafficking is an important goal, and one that any reasonable participant in the SESTA discussion shares. There is no perfect law for doing that, but there are laws that could do better than SESTA -- and with far less harm to ordinary Internet users. Twenty years of intermediary liability lawmaking, in the US and around the world, has provided valuable lessons that could guide Congress in creating a more viable law.

But instead of doing that, Congress is pushing through with something that doesn't even remotely attempt to fix the problems, but bolts together two totally separate problematic bills and washes its hands of the whole process. And, we won't even bother getting into the procedural insanity of this suddenly coming to the House floor for a vote early next week, despite the Judiciary Committee only voting for FOSTA, but not this SESTA-clone amendment.

This is a terrible idea, done in a terrible way and Congress seems to be doing it because it wants to "do something" about sex trafficking, without realizing what it's doing won't help stop sex trafficking, and could create massive harm for the wider internet. It's the perfectly dumb solution to the wrong problem. It's a very Congress-like approach to things, in which "doing something" is much more important than understanding the issues or doing the right thing.

And, once again, while some are incorrectly insisting that "the big tech companies" are against this, they are not. Their trade group, the Internet Association, came out in favor of SESTA's approach and Facebook in particular has gone all in supporting the bill. In talking to people familiar with Facebook's thinking on this, they recognize that they can withstand whatever bullshit comes out of this, but they know that smaller platforms cannot. And to Facebook, that is one of the benefits of SESTA. It weakens the competition and hurts smaller companies.

So, no, this is not "big tech" fighting SESTA. Basically every smaller internet platform I've spoken to is upset about this and trying to figure out how they're going to handle the inevitable mess this causes. But few are willing to speak out publicly, because they know that SESTA supporters will vocally attack them and falsely claim that they're "in favor of sex trafficking." Incredibly, most of those attacks will come on platforms that only exist because of CDA 230's strong protections.

from the simple-answers-to-complex-questions dept

In the wake of the school shooting tragedy in Florida that saw 17 people slain and more injured, the following days have played out in a depressingly familiar fashion. It's somewhat stunning to see such bloodshed result in the predictable retreat by most people to the defensive or offensive ground of their cause du jour. What should be immediately obvious to anyone seriously examining something like the mass murder of school children and teachers is that the reality that surrounds such an event is messy, complicated, and influenced by detail. Yet, as is our wont, entirely too many people decide that the solution to the mass shooting puzzle is made up of one or two pieces, rather than hundreds and thousands. It's guns. It's specific types of guns. It's mental health. It's rap music, or the waltz, or comic books. It's one of these things that deserve our ire, or maybe two if we're feeling generous.

"There are video games that, yes, are listed for mature audiences, but kids play them and everybody knows it, and there's nothing to prevent the child from playing them," Bevin said in an interview on WHAS' Leland Conway show Thursday morning. "They celebrate the slaughtering of people. There are games that literally replicate and give people the ability to score points for doing the very same thing that these students are doing inside of schools, where you get extra points for finishing someone off who's lying there begging for their life."

"These are quote-unquote video games, and they're forced down our throats under the guise of protected speech," Bevin continued, seemingly referring to a 2011 Supreme Court decision that prevents content-based restrictions on games. "It's garbage. It's the same as pornography. They have desensitized people to the value of human life, to the dignity of women, to the dignity of human decency. We're reaping what we've sown here."

We are indeed, except what we've reaped has been a vibrant culture in which art and expression are both liberated and celebrated. We owe that to the very First Amendment protections at which Bevin finds it so easy to sneer. Importantly, at no point did Bevin suggest that Nikolas Cruz himself had any affinity for any particular video game or games. For Bevin, such details matter not. A campaign against video games has been the Governor's aim since long before Cruz shot up his former school and the shooting simply provided an excuse to rant against a favorite whipping post.

If that sort of co-opting of real violence doesn't outrage you, it certainly should.

As should how divorced from the facts Bevin's claims are generally.

International comparisons of per capita spending on violent games and gun-related murders show a negative correlation between the two. And meta-analyses of video game violence studies have found no real link between imaginary on-screen violence and actual aggressive behavior.

With that in mind, understand that Bevin, the head of a state in our union, is suggesting an attack on the First Amendment protections of a form of art in response to a correlation to violence that is at best unproven, and for which much evidence to the contrary exists. Whatever that is, it isn't good political leadership.

from the only-just-begun dept

While the FCC formally voted to kill net neutrality late last year, the actual repeal of the rules doesn't occur until the repeal itself is published in the Federal Register. Sources tell Reuters that with Ajit Pai's agency having completed the finishing touches on its repeal, the publication should finally happen this week. Once that happens, there's a 60 day window before the actual repeal takes effect, meaning the rules will formally end in April:

"The U.S. Federal Communications Commission is expected to publish on Thursday its December order overturning the landmark Obama-era net neutrality rules, two sources briefed on the matter said Tuesday."

Of course that's really just the beginning of an entirely new chapter in the fight to prevent broadband monopolies from abusing a lack of competition in the broadband space (remember: net neutrality violations are just a symptom of a lack of competition, a problem nobody wants to seriously address for fear of upsetting campaign contributors).

The publication in the Federal Register opens the door to the myriad lawsuits that will be filed against the agency. Those lawsuits range from suits by Mozilla and consumer groups, to the 22 state attorneys general who say they're also suing the agency for ignoring the public interest. These lawsuits must be filed within the next 60 days. Expect the court battle to quickly begin heating up in March.

The publication also starts the 60 day shot clock on net neutrality activists' attempts to use the Congressional Review Act to reverse the FCC's repeal. As we've noted that effort needs just one more vote in the Senate, but faces a steep uphill climb in getting approval in the House, where ISP-loyal lawmakers are even more common. It would then require the signature of President Trump, something unlikely to happen. The gambit does have one primary benefit: it will force lawmakers to put their disdain for net neutrality and the will of the public down on paper ahead of the looming midterms.

That said, the lawsuits have a fairly solid shot at reversing the FCC's attack on the rules thanks to numerous missteps by the agency. As we've well documented, the FCC turned a blind eye to identity theft and comment fraud during the repeal by "someone" clearly trying to downplay massive public opposition to the FCC's plan. The FCC also made up a DDOS attack for the same purpose, and used debunked lobbyist data as the cornerstone of the repeal. Expect a lot more data on this behavior to surface during the court challenge.

As we've noted previously, you can expect ISPs to remain on their best behavior for the foreseeable future. Comcast, AT&T and Verizon policy marionettes will be eager to try and suggest that concerns about the repeal were hyperbole. ISP lawyers also won't be keen on providing any ammunition to help opponents in court. And since the next FCC or a future congress could just pass net neutrality rules again -- ISP lobbyists and compromised politicians are busy pushing fake net neutrality legislation with only one real purpose: prevent real, tough rules from being passed later.

It's worth reiterating that ISPs aren't just killing net neutrality here. They're actively eroding most meaningful state and federal (FTC and FCC) oversight over a broken, uncompetitive market. And should ISPs successfully navigate all court challenges and pass their desired legislation codifying federal apathy into law, the result won't be subtle. Anybody that thinks otherwise hasn't watched Comcast do business the last few decades.